package com.chinare.rop.core.signer;

import com.chinare.rop.ROPConfig;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Collections;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import org.nutz.http.Http;
import org.nutz.http.Response;
import org.nutz.lang.Lang;
import org.nutz.lang.Streams;
import org.nutz.lang.Strings;
import org.nutz.log.Log;
import org.nutz.log.Logs;

/* loaded from: input_file:com/chinare/rop/core/signer/AbstractSigner.class */
public abstract class AbstractSigner implements Signer {
    Log log = Logs.get();

    @Override // com.chinare.rop.core.signer.Signer
    public boolean check(HttpServletRequest httpServletRequest, AppsecretFetcher appsecretFetcher) {
        if (Strings.isBlank(httpServletRequest.getHeader(ROPConfig.APP_KEY_KEY)) || Strings.isBlank(httpServletRequest.getHeader(ROPConfig.TS_KEY)) || Strings.isBlank(httpServletRequest.getHeader(ROPConfig.METHOD_KEY)) || Strings.isBlank(httpServletRequest.getHeader(ROPConfig.NONCE_KEY)) || Strings.isBlank(httpServletRequest.getHeader(ROPConfig.SIGN_KEY))) {
            return false;
        }
        String header = httpServletRequest.getHeader(ROPConfig.SIGN_KEY);
        this.log.debugf("Expected sign is %s", new Object[]{header});
        return Strings.equalsIgnoreCase(sign(httpServletRequest, appsecretFetcher), header);
    }

    @Override // com.chinare.rop.core.signer.Signer
    public boolean check(Response response, String str, String str2) {
        String str3 = response.getHeader().get(ROPConfig.NONCE_KEY);
        String str4 = response.getHeader().get(ROPConfig.TS_KEY);
        return Strings.equals(sign(str, str4, str2, str3, Lang.md5(response.getContent())), response.getHeader().get(ROPConfig.SIGN_KEY));
    }

    public String contentType(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getHeader("Content-Type");
    }

    protected String getDataMate(HttpServletRequest httpServletRequest) {
        if (Strings.equalsIgnoreCase(httpServletRequest.getMethod(), "GET")) {
            return Lang.md5(Http.encode(httpServletRequest.getQueryString(), httpServletRequest.getCharacterEncoding()));
        }
        if (isFileUpload(httpServletRequest)) {
            try {
                return Lang.md5(new ByteArrayInputStream(getURLEncodedParams(httpServletRequest).getBytes(httpServletRequest.getCharacterEncoding())));
            } catch (IOException | ServletException e) {
                this.log.debug("不支持的编码!");
                throw Lang.wrapThrow(e);
            }
        }
        try {
            StringBuilder read = Streams.read(new InputStreamReader(httpServletRequest.getInputStream()));
            return read.length() == 0 ? Lang.md5(SignerHelper.paramMapAsUrlString(httpServletRequest.getParameterMap(), httpServletRequest.getCharacterEncoding())) : Lang.md5(read);
        } catch (IOException e2) {
            throw Lang.wrapThrow(e2);
        }
    }

    public String getURLEncodedParams(HttpServletRequest httpServletRequest) throws IOException, ServletException {
        StringBuilder sb = new StringBuilder();
        List collection2list = Lang.collection2list(httpServletRequest.getParts());
        Collections.sort(collection2list, (part, part2) -> {
            return part.getName().compareTo(part2.getName());
        });
        collection2list.stream().forEach(part3 -> {
            String name = part3.getName();
            if (Strings.isBlank(part3.getContentType())) {
                sb.append(Http.encode(name, httpServletRequest.getCharacterEncoding())).append('=').append(Http.encode(httpServletRequest.getParameter(name), httpServletRequest.getCharacterEncoding())).append('&');
                return;
            }
            try {
                sb.append(Http.encode(name, httpServletRequest.getCharacterEncoding())).append('=').append(Http.encode(Lang.md5(part3.getInputStream()), httpServletRequest.getCharacterEncoding())).append('&');
            } catch (IOException e) {
                throw Lang.wrapThrow(e);
            }
        });
        if (sb.length() > 0) {
            sb.setLength(sb.length() - 1);
        }
        return sb.toString();
    }

    private boolean isCommonFileUpload(HttpServletRequest httpServletRequest) {
        return contentType(httpServletRequest) != null && contentType(httpServletRequest).startsWith("multipart/form-data");
    }

    private boolean isFileUpload(HttpServletRequest httpServletRequest) {
        return isCommonFileUpload(httpServletRequest) || isHtml5FileUpload(httpServletRequest);
    }

    private boolean isHtml5FileUpload(HttpServletRequest httpServletRequest) {
        return contentType(httpServletRequest) != null && contentType(httpServletRequest).startsWith("application/octet-stream");
    }

    public String sign(AppsecretFetcher appsecretFetcher, String str, String str2, String str3, String str4, String str5) {
        return sign(appsecretFetcher.fetch(str), str2, str3, str4, str5);
    }

    public String sign(HttpServletRequest httpServletRequest, AppsecretFetcher appsecretFetcher) {
        return sign(appsecretFetcher, httpServletRequest.getHeader(ROPConfig.APP_KEY_KEY), httpServletRequest.getHeader(ROPConfig.TS_KEY), httpServletRequest.getHeader(ROPConfig.METHOD_KEY), httpServletRequest.getHeader(ROPConfig.NONCE_KEY), getDataMate(httpServletRequest));
    }
}
